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!. (Gnrentiyamended) A secure daia authentication apparatus to authenticate 
software file, the software fib having a first signature appern^ to the software file, for use on a 
computer system, ahesdu tH E TOlEa — ^ nH m rwner W ito fa m& 



-H fi m Hhntmr ™ pp™ f , gag g Im fr ^ h COTT^d by proo fing 
r 1 ^ — oj «ud gfltes fife yj^g a Stod bsh ftnrrino, aaase hash value , is 

^ -H nwn.Wrn proto ^ first sign^the apparatus comprising: 
a secure processing device within the computer system to receive the software file and hash 
Qi L nfrmrr file ,rtr ^ A ^ ^rion to produce a first hash value; and 

a first key located within the secure processing device, gfakh finr to^pd^ ti4 
fey wherein the secure processing device encrypts the first hash value with the first key to generate a 
second signature and compares the first signature with the second signature, and if the first signature 
notches the second signature, the computer system accept the software file as being authenticated. 

2. (Currently amended) The secure data authentication apparatus of claim 1 wherein 
the software file further comprises a first source signature appended to the software file, the 

apparatus further comprising: 

a source key located within the secure processing device, wherein the secure processing 
device encrypts the first hash value with the source key to generate a second source signature and 
compares the first source signature with the second source signature, and if the first source signature 
matches the second source signature, the computer system accepts the software file as being 
authenticated from the source represented by the first source signature. 
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3. (Cuxrently amended) The secure data authentication apparatus of claim 1 wherein 
the software fDe further comprises a first owner signature appended to the software file, the 

apparatus further comprising: 

an owner key located within the secure processing device, wherein the secure processing 
device encrypts me first hash value with the owner key to generate a second owner signature and 
compares the first owner signature with the second owner signature, and if the first owner signature 
caches the second owner signature, the computer syaem accepts the software file as being 
authenticated. 



4. 



(Oirremr^ amended) The secure data authentication apparatus of claim 1, further 



comprising: 

a key exchange request having a first key exchange signature app^^ 
exchange request sent from the computer system to the secure processing device, wherein the secure 
processing device hashes the key exchange request to generate a second hash value; 

a first key exchange key located within the secure processing device, wherein the secure 
processing device encrypts the second hash value with the first key exchange key to generate a 
second key exchange signature and compares rhe first key exchange signature with the second key 
exchange signature, and if the first key exchange signature matches the second key exchange 
signature, the secure processing device erases the first owner key; and 

a second owner key within the key exchange request, wherein the secure processing device 

saves the second owner key. 



5. 



(Gentry amended) The secure data authentication apparatus of claim 40 
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, . v a first feature file and the computer system 

herein the computer system further comprises a iirsi ieaiure i«c 

performs in accordance with the first feature file, the apparatus further comprising: 

a second feature file having a third owner signature appended thereto, wherein die secure 
processing device bashes the second feature file to generate a third hash value which is encrypted 
^ith the second owner key to generate a fourth owner signature and compares the third owner 
signature with the fourth owner signature, and if the third owner signature matches the fourth 
owner signature, the computer system replaces the first feature file with the second feature file. 

6. (Currently amended) The secure data authentication apparatus of claim lO 
wherein the program comprises a feature file having a phiraKty of features wherein a subset of the 
plurality of features are activated and the computer system operates in accordance with the subset of 
the plurality of features. 

7. (Currentiy amended) A secure data authentication apparatus to authenticate an 
of a software file and of a telephony switching system on which the software file is stored, the 



owner 



apparatus comprising; 

a first feature file and a software file, the first feature file having a plurality of features and a 
first owner signature appended thereto, gfaggm said telephony waning ^ S assigned a fist 
o^grky-rhai g unique to sad *«1» ph™rv switch™ system, said fim owner signal comprising a 
^nrs hash valu» T w 15 ™™P"H teprBSBSljag 1ftast nf <A ' A SfifcgaiS filf nsinp » selected 
^ foncHQn: wfakb sn 1 TT r f h^ a ^rrvnted usmg said first ow to PrM"C* said first 

signature, wherein a first subset of the plurality of features is activated; 

a secure microprocessor within the telephony switching system, the secure microprocessor 
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having m «*wion *>*to. *■ — r^^^^^^^ 

tfi/ ft cp.Wtedh^ fuaeflSffi to generate a first hash value; and 

a first owner key wafers wjhjr, the secure microprocessor, therein the secure 
Preprocessor encrjp* the first hash value with the first owner key to generate a second owner 
signature and die secure microprocessor compares Ac fust owner signature with the second owner 
signature, and if the first owner signature matches the second owner signature, the telephony 
switching system operates in accordance with the first subset of the plurality of features of the first 
feature hie. 

8. (Currently amended) The secure data authentication apparatus of claim 7, the 
apparatus further authenticating a source of the software file, the apparatus further comprising; 
a first source signature appended to the first feature file; and 

a source key located within the secure microprocessor, wherein the secure microprocessor 
encrypts the first hash value wirh the source key ro generate a second source signature and the 
secure microprocessor compares the first source signature with the second source signature, and if 
the first source signature matches the second source signature, the telephony switching system 
operates in accordance with the first subset of the plurality of features of rhe first feature file. 

9. (Currendy amended) The secure data authentication apparatus of claim 7, further 
comprising: 

a second feature file having a second subset of the plurality of features activated, the second 
feawre file having a third owner signature appended thereto; wherein the secure microprocessor 
receives the second feature file and hashes the second feature file to generate a second hash value 
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and encrypts the second hash value wich me first owner key to generate a fourth owner signature, 
and the secure microprocessor compares the third owner signature with the fourth owner signature, 
and if the third owner signature matches the fourth owner signature, the second feature file is 
written over the first feature file. 



10. (Currently amended) A method for authenticating an owner of a software file 
hywng thaLbas a first identification code means comprising a SQ "^ hash th * r cam P^ d b ^ 
r^pc^ g at feast som* nf W softwa r e file usinp a selected hash function , yhirh WT mft hash value 
B encrypted i.gj n ^ an mpwr key to prrvW sa :J ^TTiT fT'ir - ^" - ' attached thereto for use on a 
computer system, T ^tT?"* '"'i d Qftrn puter svstem * assumed said owner key that w unique V> said 
rmn pnrgr system, the computer system comprising a secure processor processing m e an s having an 
encryption algorithm and [[a]] an owner key, the method comprising: 

initiating the computer system; 

bashing the software file "*" f hash function within the secure processor 

processing means to generate a first hash value; 

encrypting the first hash value with the owner key to generate a second identification cods 

comparing the first identification £ode means wrch the second identification co<fe mesas, and 
if the first identification code means matches the second identification code me**, the computer 
system accepts the software file as being authenticated for the owners owner's use. 

11. (Currently amended) A method for authenticating an owner of a software file 
having that has a first owner signature uprisin g a snnme hash value that is computed by 
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^ c a ?H ^We fik 8 selected hash fimrrjon . wfairh 8gUflffi hash value 

j • ^ w fn r>rr,rh.rp said first signature, appended to the software file, for 

f nn-vpted "<M P g an owner key tP proquce saw rirst signal, ..ppcuuc 

use on a computer system, wherein said computer system is a li gned said o^r key thar. is unique 

w C? ,M rnm pi^r system, having a secure processing device to generate an authorization signal the 

secure processing device comprising a security routine, an encryption algorithm and a first owner 

key; the process comprising: 

receiving the software fik by the computer system and sending the software file to the 

secure processing device; 

ha shing the software file using «*id selected hash function to generate a first hash value; 
encrypting the first hash value within the secure processing device with the first owner key 

to generate a second owner signatuie; and 

comparing the first owner signature to the second owner signature, wherein if the first 
owner signature and the second owner signature match, the secure processing device generates the 
authorization signal. 

12. (Gjrrentty amended) The method for authenticating an owner of the software file 
of claim HO wherein the software file further comprises a first source signature appended thereto 
and the secure processing device further comprising a source key, the method further authenticating 
a source of the software file, the method comprising! 

encrypting the first bash value within the secure processing device with the source key to 

generate a second source signature; and 

comparing the first source signature to the second source signature, wherein if the first 
source signature and the second source signature match, the secure processing device generates the 
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authorization signal. 

13. (Currently amended) The method for authenticating an owner of the software file 
of claim HO wherein the secure processing device further comprises a first key exchange key, the 

method further comprising: 

receiving a key exchange request by the secure processing device, the key exchange request 
including an encrypted second owner key and having a first key exchange signature appended 
thereto; 

hashing the key exchange request to generate a second bash value; 

encrypting the second hash value with the first key exchange key to generate a second key 

exchange signature; and 

comparing the first key exchange signature with the second key exchange signature, -wherein 
if the first key exchange signature and the second key exchange signature match, die secure 
processing device decrypts the second owner key and replaces die first owner key wirb the decrypted 
second owner key. 

14. (Currently amended) The method for authenticating an owner of a software file of 
claim 130 wherein the key exchange request further comprises an encrypted second key exchange 
key, the authenticating method further comprising: 

decrypting the encrypted second key exchange key with the first key exchange key; and 
replacing the first key exchange key located within the secure processing device with the 
decrypted second key exchange key. 
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15. (Oment^ amended) Hie method for authenticating a source and an corner of a 
software fife of ckim 130 therein the computer system further comprises a fust feature fife 
having a first plurality of features, wherein a first subset of the first plurality of features is activated 
and the computer system performs in accordance with the fin* subset of the first plurafcy of 

features, the method further comprising: 

receiving a second feature file having a third owner signature appended thereto, the second 
feature file comprising a second plurality of features wherein a second subset of the second plurality 
of features is activated; 

hashing the second feature file within the secure processing device to generate a third hash 

value; 

encrypting the third bashed file with the second decrypted owner key within the secure 
processing device to generate a fourth owner signature; and 

comparing the third owner signature with the fourth owner signature, wherein if the third 
owner signature matches the fourth owner signature, the computer system overwrites the fust 
feature file with the second feature file, and the computer system performs in accordance with the 
second subset of the second plurality of features. 

16. (Currently amended^ A method for authenticating a source of a software file 
having a first source signature appended to the software file, for use on a computer system having a 
secure processing device to generate an authorization signal, the secure processing device 
comprising a security routine, an encryption algorithm and a first source key, the process 
comprising: 

receiving the software file by the computer system and sending the software file to the 
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secure processing device; 

has hing the software file to generate a fust hash value; 

encrypting the first hash value within the secure processing device with the fust souxce key 

to generate a second source signature; and 

comparing the first source signature to the second source signature, wherein if the first 
source signature and the second source signature match, the secure processing device generates the 
authorization signal 

17. (Currently amended) The method for authenticating the source of the software fOe 
of claim 1 lO wherein the software file further comprises a first owner signature appended thereto 
and the secure processing device further comprising Ha]] an owner key, the method further 
authenticating [[a]] as owner of the software file, the method comprising: 

encrypting the first hash value within the secure processing device with the owner key to 

generate a second owner signature; and 

comparing the first owner signature to the second owner signature, wherein if the first 
owner signature and the second owner signature match, the secure processing device generates the 
authorization signal 

18. (Currently amended) A method for authemicating a software file from a PBX 
manufacturer, the software file comprising a feature file having a plurality of features wherein a 
subset of the plurality of features are activated, the software file operating on a PBX, the PBX 
comprising a secure microprocessor having an encryption algorithm and a first fcey ihffifr unique 
said PBX the method comprising: 
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hashing the feature file HlT n rV^ ^ ***** ai PBX n""***"* ™ * 
fist hash value; 

encrypting the fust hash value wiw**eeei^saidjgt keyto generate a first signature; 
appending the first signature to the feature file; 

receiving the feature file and appended first signature by the secure microprocessor, 
hashing the received feature file using nirj SgkSgl hah function within the secure 
microprocessor to generate a second hash value; 

encrypting the second hash value with the first key to generate a second signature; and 
cornparing the first signature with the second signature, and if the fim signature 
>nd signature, the PBX accepts the software file as being authenticated. 



secoi 
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